]>
The Atom Publishing ProtocolIBM4205 South Miama Blvd.Research Triangle ParkNC27709US+1 919 272 3764joe@bitworking.orghttp://ibm.com/Propylon Ltd.45 Blackbourne Square, Rathfarnham GateDublinDublinD14IE+353-1-4927444bill.dehora@propylon.comhttp://www.propylon.com/The Atom Publishing Protocol (APP) is an application-level
protocol for publishing and editing Web
resources. The protocol is based on HTTP transport of
Atom-formatted representations. The Atom format is documented in
the Atom Syndication Format [RFC4287].
To provide feedback on this Internet-Draft, join the atom-protocol mailing
list (http://www.imc.org/atom-protocol/index.html).
The Atom Publishing Protocol is an application-level
protocol for publishing and editing Web resources using HTTP
and XML 1.0 .
The protocol supports the creation of arbitrary Web resources and
provides facilities for:
Collections:
Sets of resources, which can be retrieved in whole or in part.Service:
Discovering and describing Collections.Editing:
Creating, updating and deleting resources.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" in this document are to be interpreted as
described in .
Atom Protocol Document formats are specified in terms of the XML
Information Set , serialized
as XML 1.0 .
The Infoset terms "Element Information Item" and "Attribute Information Item"
are shortened to "element" and "attribute" respectively.
Therefore, when this specification uses the term "element",
it is referring to an Element Information Item, and when it uses the term "attribute", it is
referring to an Attribute Information Item.
Some sections of this specification are illustrated with
fragments of a non-normative RELAX NG Compact schema . However, the text of this specification
provides the definition of conformance. Complete schemas
appear in .
XML elements defined by this specification MAY have an xml:base
attribute . When xml:base is
used, it serves the function described in Section 5.1.1 of URI Generic
Syntax , by establishing the base URI (or IRI) for resolving
relative references found within the scope of the
xml:base attribute.
Any element defined by this specification MAY have an xml:lang
attribute, whose content indicates the natural language for the element
and its descendents. The language context is only significant for
elements and attributes declared to be "Language-Sensitive" by this
specification. Requirements regarding the content and interpretation of
xml:lang are specified in Section 2.12 of XML 1.0 .
For convenience, this protocol can be referred to as the "Atom Protocol"
or "APP".
URI/IRI - A Uniform Resource Identifier and Internationalized
Resource Identifier. These terms and the distinction between
them are defined in and
. Before an IRI found in a document is
used by HTTP, the IRI is first converted to a URI (see
).
The phrase "the URI of a document" in this specification is
shorthand for "a URI which, when dereferenced, is expected to
produce that document as a representation".
Resource - A network-accessible data object or
service
identified by an IRI, as defined in . See
for further discussion
on resources.
Representation - An entity included with a request or
response as defined in .
Collection - A resource that contains a set of Member Entries.
See .
Member - A resource whose IRI is listed in a Collection
by a link element with a relation of "edit" or "edit-media". See
.
Workspace - A named group of Collections. See .
Service Document - A document that describes the
location and capabilities of one or more Collections. See .Category Document - A document that describes the categories
allowed in a Collection. See .
The Atom Publishing Protocol uses HTTP methods to author
Member Resources as follows:
GET is used to retrieve a representation of a
known resource.POST is used to create a new, dynamically-named,
resource. When the client submits non-Atom-Entry
representations to a Collection for creation, two
resources are always created - a Media Entry for the requested
resource, and a Media Link Entry for metadata (in Atom
Entry format) about the resource.PUT is used to update a known resource.DELETE is used to remove a known resource.The Atom Protocol imposes few restrictions on the actions of servers. Unless
a constraint is specified here, servers can be expected to vary in behavior,
in particular around the manipulation of Atom Entries sent by clients.
For example this specification
only defines the expected behavior of Collections with
respect to GET and POST, but this does not imply that
PUT, DELETE, PROPPATCH and others are forbidden on Collection
resources - only that this specification does not define what
the servers response would be to those methods. Similarly
while some HTTP status codes are mentioned explicitly, clients
should be prepared to handle any valid status code from a
server.
This document does not specify the form of the URIs that are
used. HTTP () specifies that the URI space of each server is controlled
by that server and the Atom Protocol imposes no constraints on that control.
What this RFC does specify are the formats of
the representations that are exchanged and the actions that can be performed on
the IRIs embedded in those documents.
This document only covers the creation, update and deletion
of Entry and Media resources. Other resources can be created,
updated, and deleted as the result of manipulating a
Collection, but the number of those resources, their
mime-types, and effects of Atom Protocol operations on them
are outside the scope of this specification.
Since all aspects of client-server interaction are defined in
terms of HTTP, should be consulted for any areas not
covered in this specification.
Along with operations on Member Resources, the Atom Protocol
defines Collection Resources for managing and organizing
Member Resources. Collections are represented by Atom Feed
documents and contain the IRIs of, and metadata about, their
Member Resources. The Atom Protocol does not make a
distinction between Feeds used for Collections and other Atom
Feeds. The only mechanism that this specification supplies
for distinguishing a Collection Feed is its appearance in a Service
Document.
Atom Protocol documents allow the use of IRIs
, as well as URIs
. Before an IRI found in a document
is used by HTTP, the IRI is first converted to a URI
according the procedure defined in Section 3.1 of
. In accordance with that
specification, this conversion SHOULD be applied as
late as possible. The IRI, and the URI into which it is
converted, identify the same resource.
There are two kinds of Member Resources - Member Entry
Resources and Media Resources. Member Entry Resources are
represented as Atom Entries . Media
Resources can have representations in any media type. A
Media Link Entry is a Member Entry that contains metadata
about a Media Resource. This diagram shows the
classification of the resources:
Member Resource
-> Member Entry Resource
-> Media Link Entry Resource
-> Media Resource
Collections, represented by Atom feeds, contain
Entries. Those Entries contain the Member Entry and Media
Resources IRIs of the Collection. A Collection can contain any
number of Entries of either kind. In the diagram of a Collection
below, there are two Entries. The first contains the IRI of a
Member Entry Resource. The second contains the IRIs of both a
Media Resource and a Media Link Entry Resource, which contains
the metadata for that Media Resource:
Collection
Entry
Member Entry IRI -> Member Entry Resource
Entry
Member Entry IRI -> Media Link Entry Resource
Media IRI -> Media Resource
Service Documents represent server-defined groups of Collections, and are
used to initialize the process of creating and editing resources.
Client Server
| |
| 1.) GET to Service Document |
|------------------------------------------>|
| |
| 2.) Service Document |
|<------------------------------------------|
| |
The client sends a GET request using the URI of the Service Document.The server responds with the document enumerating the IRIs of a group of
Collections and the capabilities of those Collections supported by the
server. The content of this document can vary based on aspects of the client
request, including, but not limited to, authentication credentials.
To list the members of a Collection, the client sends a GET request to the
URI of a Collection. An Atom Feed Document is returned whose
Entries contain the IRIs of Member Resources. The returned
Feed may describe all, or only a subset, of the Members
in a Collection (see ). describes
extensions to the Atom Syndication Format used in the
Atom Protocol.
Client Server
| |
| 1.) GET to Collection URI |
|------------------------------->|
| |
| 2.) Atom Feed Doc |
|<-------------------------------|
| |
The client sends a GET request to the URI of the Collection.
The server responds with an Atom Feed Document containing the IRIs
of the Collection members.
Client Server
| |
| 1.) POST to URI of Collection |
|------------------------------------------>|
| |
| 2.) 201 Created |
| Location: Member Entry URI |
|<------------------------------------------|
| |
The client POSTs a representation of the Member to the URI of the
Collection.If the Member Resource was created successfully, the server responds with a
status code of 201 and a Location: header that contains the IRI of the
newly created Member Entry Resource. Media Resources could have also
been created and their IRIs can be found through the Member Entry Resource.
See for more details.Once a resource has been created and its Member URI is known, that URI can be used
to retrieve, update, and delete the resource.
Client Server
| |
| 1.) GET to Member URI |
|------------------------------------------>|
| |
| 2.) Member Representation |
|<------------------------------------------|
| |
The client sends a GET request to the URI of a Member Resource to retrieve its
representation.The server responds with the representation of the resource.
Client Server
| |
| 1.) PUT to Member URI |
|------------------------------------------>|
| |
| 2.) 200 OK |
|<------------------------------------------|
The client PUTs an updated representation to the URI of a Member Resource.If the update is successful the server responds with a status
code of 200.
Client Server
| |
| 1.) DELETE to Member URI |
|------------------------------------------>|
| |
| 2.) 200 Ok |
|<------------------------------------------|
| |
The client sends a DELETE request to the URI of a Member Resource.If the deletion is successful the server responds with a
status code of 200.
A different approach is taken
for deleting Media Resources, see for details.
The Atom Protocol uses the response status codes defined in HTTP to
indicate the success or failure of an operation. Consult the HTTP
specification for detailed definitions of each
status code. Implementers are asked to note that per the HTTP
specification, HTTP 4xx and 5xx response entities SHOULD include a
human-readable explanation of the error.
This specification describes two kinds of Documents - Category
Documents and Service Documents.A Category Document () contain lists of
categories specified using the "atom:category" element from the Atom
Syndication Format. A Service Document () describes
Workspaces, which are server-defined groups of Collections. This
specification assigns no meaning to Workspaces; that is, a Workspace does not
imply any specific processing assumptions. Operations on Workspaces
themselves, such as creation or deletion, are not defined by this
specification. The namespace name for either
kind of document is: http://purl.org/atom/app#The namespace name needs to be updated with the final URI upon publication This specification uses the prefix "app:" for the namespace name. The
prefix "atom:" is used for "http://www.w3.org/2005/Atom", the namespace name of
the Atom Syndication Format . The namespace prefixes
are not semantically significant. Atom Publishing Protocol Documents MUST be well-formed XML. This
specification does not define any DTDs for Atom Protocol formats, and hence
does not require them to be "valid" in the sense used by XML. Unrecognized markup in an Atom Publishing Protocol document is considered
"foreign markup" as defined in . Such foreign markup
can be used anywhere within a Category or Service Document unless it is
explicitly forbidden. Processors that encounter foreign markup MUST NOT stop
processing and MUST NOT signal an error. Clients SHOULD preserve foreign markup when
transmitting such documents. The namespace name "http://purl.org/atom/app#" is reserved for forward
compatible revisions of the Category and Service Document types - this does
not exclude the addition of elements and attributes that might not be
recognized by processors conformant to this specification. Such unrecognized
markup from the "http://purl.org/atom/app#" namespace MUST be treated as
foreign markup.
Category Documents contain lists of categories described using the
"atom:category" element from the Atom Syndication Format .
Categories can also appear in Service Documents, where they describe the categories allowed in a Collection (see ).
Category Documents are identified with the "application/atomcat+xml" media type (see
).
]]>
This Category Document contains three categories, with the terms "animal",
"vegetable", and "mineral". None of the categories use the 'label' attribute
defined in . They all inherit the
"http://example.com/cats/big3" 'scheme' attribute declared on the app:categories
element. Therefore if the "mineral" category were to appear in an Atom Entry or
Feed Document, it would appear as:
]]>
The root of a Category Document is the "app:categories" element. An
app:categories element can contain zero or more "atom:category" elements from the
Atom namespace ("http://www.w3.org/2005/Atom").
An app:category child element that has no "scheme" attribute inherits the
attribute from its app:categories parent. An app:category child element with an
existing "scheme" attribute does not inherit the "scheme" value of its
"app:categories" parent element. The app:categories element can contain a "fixed" attribute, with a value of
either "yes" or "no", indicating whether the list of categories is a fixed or an
open set. Attempts to create or update members whose categories are not listed in
the Collection Document MAY be rejected by the server. Collections that indicate
the category set is open SHOULD NOT reject otherwise acceptable members whose categories
are not listed by the Collection.Alternatively, the app:categories element MAY contain an "href" attribute,
whose value MUST be an IRI reference identifying a Category Document. If the
"href" attribute is provided, the app:categories element MUST be empty and MUST
NOT have the "fixed" or "scheme" attributes. For authoring to commence, a client needs to discover the
capabilities and locations of the available Collections. Service
Documents are designed to support this discovery process. How
Service Documents are discovered is not defined in this
specification.
A Service Document describes Workspaces, which are server-defined groups of Collections.
Service Documents are identified with the "application/atomserv+xml" media type (see
).
There is no requirement that a server support multiple Workspaces. In
addition, a Collection MAY appear in more than one Workspace.
This Service Document describes two Workspaces. The first Workspace
is called "Main Site", has two Collections called "My Blog Entries"
and "Pictures" whose IRIs are "http://example.org/reilly/main" and
"http://example.org/reilly/pic" respectively. The "Pictures"
Workspace includes an "accept" element indicating that a client can
post image files to the Collection to create new Media Resources. Entries
with associated Media Resources are discussed in .
The second Workspace is called "Side Bar Blog" and has a single Collection
called "Remaindered Links" whose IRI is "http://example.org/reilly/list".
Within each of the two Entry collections, the categories element provides a list
of available categories for Member Entries. In the "My Blog Entries" Collection,
the list of available categories is obtainable through the "href" attribute. The
"Side Bar Blog" Collection provides a category list within the Service Document,
but states the list is fixed, signaling a request from the server that Entries
be POSTed using only those two categories.
The root of a Service Document is the "app:service" element. The "app:service" element is the container for service
information associated with one or more Workspaces. An app:service
element MUST contain one or more app:workspace elements.
namespace app = "http://purl.org/atom/app#"
start = appService
The "app:workspace" element contains information elements about
the Collections of resources available for editing. The
app:workspace element contains zero or more app:collection
elements.
The app:workspace element MUST contain one "atom:title" element (as defined
in ), giving
a human-readable title for the Workspace.
The "app:collection" element describes a Collection. The app:collection
element MAY contain one app:accept element and MAY contain any
number of app:categories elements. The app:collection element
MUST NOT contain more than one app:accept element.
The app:collection element MAY appear as a child of an atom:feed
or atom:source element in an Atom Feed Document. Its value
identifies a Collection by which new Entries can be added to
appear in the feed. The app:collection element is considered
foreign markup as defined in Section 6 of .
The app:collection element MUST contain an "href"
attribute, whose value gives the IRI of the
Collection.
The app:collection Element MUST contain one "atom:title"
element (as defined
in ), giving a human-readable title for the Collection.
The "app:accept" element value specifies a comma-separated list
of media-ranges (see ) identifying the
types of representations that can be POSTed to the URI of a
Collection. Whitespace around and between media-range values is
considered insignificant and MUST be ignored.
The app:accept element is similar to the HTTP Accept request-header with
the exception that app:accept has no notion of preference. As a result, the value
syntax of app:accept does not use "accept-params" or "q" arguments as specified in
, section 14.1. The order of media-ranges is not significant. The following lists are
all equivalent:
image/png,image/*
image/*, image/png image/* ]]>
A value of "entry" may appear in any list of media-ranges in an
accept element and indicates that Atom Entry Documents can be
POSTed to the Collection.
If the accept element exists but is empty, clients SHOULD assume
that the Collection does not support the creation of new Entries. If
the accept element is not present, clients SHOULD treat this as
equivalent to entry]]>.
The "app:categories" element provides a listing of the categories that can be
applied to the members of a Collection.
The app:categories element MAY contain a "fixed" attribute, with a value of
either "yes" or "no", indicating whether or not the listing of categories is
considered to be a fixed, or closed set. The absence of the "fixed" attribute
is equivalent to the presence of a "fixed" attribute with a value of "no".
Collections that indicate a fixed set
MAY reject members that include categories not specified in the provided
listing. Collections that indicate an open set SHOULD NOT reject otherwise
acceptable members whose categories are not present in the
provided list.
The app:categories element MAY contain an "href" attribute, whose value MUST be
an IRI reference identifying a Category Document. If the "href" attribute is
provided, the app:categories element MUST be empty and the
"fixed" and "scheme" attributes MUST NOT be present.
The Member URI supports retrieving, updating and deleting the resource using
HTTP GET, PUT and DELETE. Retrieval and updating of Member Entry Resources
are done by exchanging Atom Entry representations.
Member Entry URIs appear in two places. First, they are returned in a
Location header after successful resource creation using POST, as described
below. Second, they appear in the Entries of a Collection document as
atom:link elements with a link relation of "edit".
Each Member Entry SHOULD contain such an atom:link element
providing its Member Entry URI.
To add members to a Collection, clients send POST requests to the
URI of a Collection. Successful member creation is normally
indicated with a 201 ("Created") response code. Collections MAY
generate a response with a status code of 415 ("Unsupported Media
Type") to indicate that the media-type of the POSTed entity is not allowed or
supported by the Collection.
When a Member Resource is created in the Collection which
received the POST, its Member Entry URI MUST be returned in an
HTTP Location header.
When the server generates a response with a status code of 201 ("Created"), it
SHOULD also return a response body, which if provided, MUST be an Atom Entry
Document representing the newly-created resource.
Since the server is free to alter the POSTed Entry, for example by
changing the content of the "id" element, returning the Entry as
described in the previous paragraph can be useful to the client,
enabling it to correlate the client and server views of the new
Entry.
If the POST request contained an Atom Entry Document, and the
subsequent response from the server contains a Content-Location
header that matches the Location header character-for-character,
then the client is authorized to interpret the response entity as
being the representation of the newly created Entry. Without a
matching Content-Location header the client MUST NOT assume the
returned entity is a complete representation of the created
resource.
The request body sent with the POST need not be an Atom Entry. For example, it
might be a picture, or a movie. For a discussion of the issues in POSTing
such content, see .
Below, the client sends a POST request containing an Atom Entry representation to the URI of the Collection:
Atom-Powered Robots Run Amokurn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a2003-12-13T18:30:02ZJohn DoeSome text.]]>
The server signals a successful creation with a status code of
201. The response includes a Location: header indicating the
Member Entry URI of the Atom Entry and a representation of that Entry in
the body of the response.
Atom-Powered Robots Run Amokurn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a2003-12-13T18:30:02ZJohn DoeSome text.]]>
The created Entry returned by the server might not match the Entry
POSTed by the client. A server MAY change the values of various
elements in the Entry such as the atom:id, atom:updated and
atom:author values and MAY choose to remove or add other elements
and attributes, or change element and attribute values.
In particular, the publishing system in this example filled in some
values not provided in the original POST. For example, it
ascertained the name of the author, presumably via the
authentication protocol used to establish the right to post.
To update a resource, clients send PUT requests to its Member URI, as
specified in .
To avoid unintentional loss of data when editing Member Entries or
Media Link Entries, Atom Protocol clients SHOULD preserve all metadata
that has not been intentionally modified, including unknown
foreign markup as defined in Section 6 of .
To delete a resource, clients send DELETE requests to its Member URI, as
specified in . For Media
Resources, deletion of a Media Link Entry SHOULD result in the deletion of the
associated Media Resource.
A client can POST a media type other than application/atom+xml to a
Collection. Such a request always creates two new resources - one that
corresponds to the entity sent in the request, called the Media
Resource, and an associated Member Entry, called the Media Link
Entry. Media Link Entries are represented as Atom Entries. The server
can signal the media types it will accept via the "accept" element in
the Service Document (). The Media Link Entry contains the IRI of, and metadata about, the (perhaps non-textual) Media Resource.
The Media Link Entry makes the metadata about the Media Resource separately available for
retrieval and update. Successful responses to creation requests MUST include the URI of
the Media Link Entry in the Location header. The Media Link
Entry SHOULD contain an atom:link element with a link relation of
"edit-media" that contains the Media Resource IRI.
The Media Link Entry MUST have an "atom:content" element with a
"src" attribute. The value of the "src" attribute
is an IRI of the newly created Media Resource.
It is OPTIONAL that the IRI of the "src" attribute on the
atom:content element be the same as the Media Resource IRI. For example,
the "src" attribute value might instead be a link into a static cache
or content distribution network and not the Media Resource IRI.
Implementers are asked to note that according to the requirements of
, Entries, and thus Media Link Entries, MUST
contain an atom:summary element. Upon successful creation of a Media
Link Entry, a server MAY choose to populate the atom:summary element
(as well as any other required elements such as atom:id, atom:author and
atom:title) with content derived from the POSTed entity or from any
other source. A server might not allow a client to modify the server
selected values for these elements.For resource creation this specification only defines cases where
the POST body has an Atom Entry entity declared as an Atom media type
("application/atom+xml"), or a non-Atom entity declared as a non-Atom
media type. It does not specify any request semantics or server
behavior in the case where the POSTed media-type is
"application/atom+xml" but the body is something other than an Atom
Entry. In particular, what happens on POSTing an Atom Feed Document
to a Collection using the "application/atom+xml" media type is
undefined.
The Atom Protocol does not specify a means to create multiple
representations of the same resource (for example a PNG and a JPG of
the same image) on creation or update.
Below, the client sends a POST request containing a PNG image to the
URI of a Collection that accepts PNG images:
The server signals a successful creation with a status code
of 201. The response includes a Location header indicating
the Member URI of the Media Link Entry and a representation
of that entry in the body of the response. The Media Link
Entry includes a content element with a src attribute.
It also contains a link using the link
relation "edit-media" specifying the IRI to be used for
modifying the Media Resource.
The Beachurn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a2005-10-07T17:17:08ZDaffy]]>
Later, the client PUTS a new PNG to the URI indicated in the Media Link
Entry's "edit-media" link:
The server signals a successful update with a status code of 200.
The client can update the metadata for the picture.
First GET the Media Link Entry:The Media Link Entry is returned.The Beachurn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a2005-10-07T17:17:08ZDaffy]]> The metadata can be updated, in this case to
add a summary, and then PUT back to the
server.
The Beachurn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a2005-10-07T17:17:08ZDaffy
A nice sunset picture over the water.
]]> The update was successful.Multiple media resources can be added to the Collection.The resource is created successfully. The Pierurn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efe6b2005-10-07T17:26:43ZDaffy]]> The client can now create a new Atom Entry
in the blog Entry Collection that
references the two newly created Media Resources.
A fun day at the beachurn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6b2005-10-07T17:40:02ZDaffy

We had a good day at the beach.

Later we walked down to the pier.

]]> The resource is created successfully. A fun day at the beachhttp://example.org/blog/a-day-at-the-beach.xhtml2005-10-07T17:43:07ZDaffy

We had a good day at the beach.

Later we walked down to the pier.

]]> Note that the returned Entry contains a link
with a relation of "alternate" that points to
the associated XHTML page that was created.
This is not required by this specification,
but is included to show the kinds of changes
a server may make to an Entry.
Slug is a HTTP entity-header whose value is a short name
that, when accompanying a POST to a Collection,
constitutes a request by the client that its value
be used as part of the URI for the to-be-created Member Resource.
When POSTing an entity to a Collection to add a new Member, the server MAY use
this information when creating the Member URI of the newly-created resource, for
instance by using some or all of the words in the last URI segment. It MAY also
use it when creating the atom:id or as the title of a Media Link Entry (see
.).
Servers MAY ignore the Slug entity-header and MAY alter its value before using
it. For example, the server MAY filter out some characters or replace accented
letters with non-accented ones, spaces with underscores, etc.
The syntax of this header MUST conform to the augmented BNF grammar in section 2.1 of
the HTTP/1.1 specification . The TEXT rule is described in section 2.2 of the same document. Clients MAY send non-ASCII characters in the Slug entity-header, which they MUST
encode using "encoded-words", as defined in . Servers SHOULD treat the slug
as encoded if it matches the "encoded-words" production.
Here is an example of the Slug: header that uses the encoding
rules of .
See for an example
of the Slug: header applied to the creation of
a Member Entry Resource.
Collection Resources MUST provide representations in the form of Atom Feed
documents whose Entries contain the IRIs of the Members in the Collection. No structural
distinction is made between Collection Feeds and other kinds of Feeds - a Feed
might act both as a 'public' feed for subscription purposes and as a Collection
Feed. Each Entry in the Feed Document SHOULD have an atom:link element with a
relation of "edit" (See ). The Entries in the returned Atom Feed SHOULD be ordered by their
"atom:updated" property, with the most recently updated Entries coming first in
the document order. Clients SHOULD be constructed in consideration of the fact
that changes which do not alter the atom:updated value of an Entry will not
affect the position of the Entry in a Collection. That is, the Atom Syndication
Format states that the value of atom:updated is altered when the changes to an Entry
are something that "the publisher considers significant." The atom:updated value is not
equivalent to the HTTP Last-Modified: header and can not be used
to determine the freshness of cached responses.
Clients MUST NOT assume that an Atom Entry returned in the Feed is a full
representation of a Member Entry Resource and SHOULD perform a GET on the URI of
the Member Entry before editing.Collections can contain large numbers of resources. A naive client such as a
web spider or web browser could be overwhelmed if the response to a GET
contained every Entry in the Collection, and the server would waste large
amounts of bandwidth and processing time on clients unable to handle the
response. For this reason, servers MAY return a partial listing of the most
recently updated Member Resources. Such partial feed documents MUST have an
atom:link with a "next" relation whose "href" value is the URI of the next
partial listing of the Collection (the next most recently updated Member Resources)
where it exists. This is called "Collection paging".
The returned Atom Feed MAY contain a subset the Member Entries for a
Collection. In addition, the Atom Feed document MAY contain link elements with "rel"
attribute values of "next", "previous", "first" and "last" that can be used to
navigate through the complete set of matching Entries.
For instance, suppose a client is supplied the URI "http://example.org/entries/go"
of a Collection of Member entries, where the server as a matter of
policy avoids generating feed documents containing more than 10 Entries.
The Atom Feed document for the Collection will then represent the first 'page' in
a set of 10 linked feed documents. The "first" relation will reference the initial feed document in the set and the "last"
relation references the final Atom Feed Document in the set. Within each document, the "next" and
"previous" link relations reference the preceding and subsequent documents.
...
]]>
The "next" and "previous" link elements for the feed 'page' located at
"http://example.org/entries/2" would look like this:
...
]]>
The "app:edited" element is a Date construct as defined by
whose value indicates the most recent instant in
time when an Entry was edited, including when created. Atom
Entry elements in Collection documents SHOULD contain one
"app:edited" element, and MUST NOT contain more than one.
appEdited = element app:edited ( atomDateConstruct )
The server SHOULD change the value of this element every time
a Collection Member Resource or an associated Media Resource
has been edited.
This specification adds the value "edit" to the Atom Registry of
Link Relations (see section 7.1 of ).
The value of "edit" specifies that the value of the href
attribute is the IRI of an editable Member Entry. When appearing
within an atom:entry, the href IRI can be used to retrieve,
update and delete the resource represented by that Entry. An
atom:entry MUST contain no more than one "edit" link relation.
This specification adds the value "edit-media" to the Atom
Registry of Link Relations (see section 7.1 of
). When appearing within an atom:entry,
the value of the href attribute is an IRI that can be used to
modify a Media Resource associated with that Entry.
An atom:entry element MAY contain zero or more "edit-media" link
relations. An atom:entry MUST NOT contain more than one atom:link
element with a rel attribute value of "edit-media" that has the
same "type" and "hreflang" attribute values. All "edit-media" link
relations in the same Entry reference the same resource. If a
client encounters multiple "edit-media" link relations in an
Entry then it SHOULD choose a link based on the client
preferences for "type" and "hreflang". If a client encounters
multiple "edit-media" link relations in an Entry and has no
preference based on the "type" and "hreflang" attributes then the
client SHOULD pick the first "edit-media" link relation in
document order.
This specification defines an Atom Format Structured Extension,
as defined in Section 6 of , for publishing
control within the "http://purl.org/atom/app#" namespace.
namespace app = "http://purl.org/atom/app#"
pubControl =
element app:control {
atomCommonAttributes,
pubDraft?
& extensionElement
}
pubDraft =
element app:draft { "yes" | "no" }
The "app:control" element MAY appear as a child of an atom:entry which
is being created or updated via the Atom Publishing Protocol. The
app:control element MUST appear only once in an Entry. The
app:control element is considered foreign markup as defined in Section
6 of .
The app:control element and its child elements MAY be included in Atom
Feed or Entry Documents.
The app:control element can contain an optional "app:draft" element as
defined below, and can contain extension elements as defined in
Section 6 of .
The number of app:draft elements in app:control MUST be zero or
one. Its value MUST be one of "yes" or "no". A value of "no" indicates
a client request that the Member Resource be made publicly visible. If the
app:draft element is missing then the value MUST be understood to
be "no". The inclusion of the app:draft element represents a
request by the client to control the visibility of a Member
Resource and the app:draft element MAY be ignored by the server.
The Atom Publishing Protocol is based on HTTP. Authentication requirements for HTTP
are covered in Section 11 of .
The use of authentication mechanisms to prevent POSTing or editing by unknown or
unauthorized clients is RECOMMENDED but not required. When authentication is not
used, clients and servers are vulnerable to trivial spoofing, denial of service
and defacement attacks, however, in some contexts, this is an acceptable risk.
The type of authentication deployed is a local decision made by the
server operator. Clients are likely to face authentication schemes
that vary across server deployments. At a minimum, client and
server implementations MUST be capable of being configured to use
HTTP Basic Authentication in conjunction
with a TLS connection as specified by . See
for more information on TLS.
The choice of authentication mechanism will impact
interoperability. The minimum level of security referenced above
(Basic Authentication with TLS) is considered good practice for
Internet applications at the time of publication of this
specification and sufficient for establishing a baseline for
interoperability. Implementers can investigate and use
alternative mechanisms regarded as equivalently good or better at
the time of deployment. It is RECOMMENDED that clients be
implemented in such a way that allows new authentication schemes to
be deployed.
Because this protocol uses HTTP response status codes as the primary means of
reporting the result of a request, servers are advised to respond to unauthorized
or unauthenticated requests using an appropriate 4xx HTTP response code
(e.g. 401 "Unauthorized" or 403 "Forbidden") in accordance with .
As an HTTP-based protocol, APP is subject to the security considerations found
in Section 15 of .
Atom Publishing server implementations need to take adequate precautions to ensure
malicious clients cannot consume excessive server resources (CPU, memory, disk, etc).
Atom Publishing server implementations are susceptible to replay attacks. Specifically,
this specification does not define a means of detecting duplicate requests. Accidentally
sent duplicate requests are indistinguishable from intentional and malicious replay attacks.
Atom Publishing implementations are susceptible to a variety of spoofing attacks. Malicious
clients may send Atom Entries containing inaccurate information anywhere in the document.
Atom Feed and Entry documents can contain XML External Entities as defined in Section
4.2.2 of . Atom implementations are not required to load external entities.
External entities are subject to the same security concerns as any network operation
and can alter the semantics of an Atom document. The same issues exist for resources
linked to by Atom elements such as atom:link and atom:content.
Atom Entry Documents sent to a server might contain XML Digital Signatures
and might be encrypted using XML Encryption
as specified in Section 5 of .
Servers are allowed to modify received resource representations in ways that
can invalidate signatures covering those representations.
Atom Publishing Protocol implementations handle URIs and IRIs. See Section 7 of and
Section 8 of .
An Atom Publishing Protocol Service Document, when serialized
as XML 1.0, can be identified with the following media type: application atomserv+xml None. This parameter has identical
semantics to the charset parameter of the
"application/xml" media type as specified in . Identical to those of
"application/xml" as described in ,
section 3.2. As defined in this
specification. update upon publicationIn addition, as this media type uses the "+xml" convention,
it shares the same security considerations as described in
, section 10. There are no
known interoperability issues. This
specification. update upon publication No known
applications currently use this media type.Additional information: As specified for
"application/xml" in , section
3.2. .atomsrv As specified for
"application/xml" in , section 5. As specified in , section 6. TEXT Joe Gregorio <joe@bitworking.org>
COMMON This
specification's author(s). update upon publicationAn Atom Publishing Protocol Category Document, when serialized
as XML 1.0, can be identified with the following media type: application atomcat+xml None. This parameter has identical
semantics to the charset parameter of the
"application/xml" media type as specified in . Identical to those of
"application/xml" as described in ,
section 3.2. As defined in this
specification. update upon publicationIn addition, as this media type uses the "+xml" convention,
it shares the same security considerations as described in
, section 10. There are no
known interoperability issues. This
specification. update upon publication No known
applications currently use this media type.Additional information: As specified for
"application/xml" in , section
3.2. .atomcat As specified for
"application/xml" in , section 5. As specified in , section 6. TEXT Joe Gregorio <joe@bitworking.org>
COMMON This
specification's author(s). update upon publicationincomplete sectionSLUGhttp standard.IETF (iesg@ietf.org) Internet Engineering Task Force
draft-ietf-atompub-protocol-11.txt
(update on rfc number
assignment)
&rfc2119;
&rfc2616;
&rfc2617;
&rfc2818;
&rfc4346;
&rfc4287;
&rfc3023;
&rfc3986;
&rfc3987;
&rfc2047;
&XML;
&XMLNS;
&XMLBASE;
&INFOSET;
&XMLDSIG;
&XMLENC;
&WEBARCH;
RELAX NG Compact Syntax
The content and concepts within are a product of the Atom community and the Atompub Working Group.
chairs to compile a contribution list for 1.0
This appendix is informative.
The Relax NG schema explicitly excludes elements in the Atom Protocol namespace which are
not defined in this revision of the specification. Requirements for Atom Protocol
processors encountering such markup are given in Section 6.2 and Section 6.3 of
.
The Schema for Service Documents: The Schema for Category Documents: draft-ietf-atompub-protocol-11:
Parts of PaceAppEdited. PaceSecurityConsiderationsRevised.
draft-ietf-atompub-protocol-10: PaceRemoveTitleHeader2, PaceSlugHeader4,
PaceOnlyMemberURI,PaceOneAppNamespaceOnly, PaceAppCategories,
PaceExtendIntrospection, UseElementsForAppCollectionTitles3, renamed
Introspection to Service, lots of good editorials suggestions, updated
media example with slug, moved xml conventions to convention
sections, renamed XMl related Conventions to Atom Publishing Protocol Documents,
added auth header to examples, consolidated definition of all resource types into
the model section, added IANA reg info for application/atomcat+xml.
draft-ietf-atompub-protocol-09: PaceWorkspaceMayHaveCollections, PaceMediaEntries5,
http://www.imc.org/atom-protocol/mail-archive/msg05322.html, and
http://www.imc.org/atom-protocol/mail-archive/msg05272.html
draft-ietf-atompub-protocol-08: added infoset ref; added wording re IRI/URI; fixed URI/IRI ;
next/previous fixed as per Atom LinkRelations Attribute (http://www.imc.org/atom-protocol/mail-archive/msg04095.html);
incorporated: PaceEditLinkMustToMay; PaceMissingDraftHasNoMeaning, PaceRemoveMemberTypeMust, PaceRemoveMemberTypePostMust,
PaceTitleHeaderOnlyInMediaCollections, PacePreserveForeignMarkup, PaceClarifyTitleHeader, PaceClarifyMediaResourceLinks,
PaceTwoPrimaryCollections;
draft-ietf-atompub-protocol-07: updated Atom refs to RFC4287;
incorporated PaceBetterHttpResponseCode;
PaceClarifyCollectionAndDeleteMethodByWritingLessInsteadOfMore;
PaceRemoveAcceptPostText; PaceRemoveListTemplate2;
PaceRemoveRegistry; PaceRemoveWhoWritesWhat;
PaceSimplifyClarifyBetterfyRemoveBogusValidityText;
PaceCollectionOrderSignificance; PaceFixLostIntrospectionText;
PaceListPaging; PaceCollectionControl; element typo in Listing
collections para3 (was app:member-type, not app:list-template);
changed post atom entry example to be valid. Dropped inline use of
'APP'. Removed nested diagram from section 4. Added ed notes in the
security section.
draft-ietf-atompub-protocol-06 - Removed: Robert Sayre from the
contributors section per his request.
Added in PaceCollectionControl. Fixed all the {daterange} verbage
and examples so they all use a dash. Added full rnc schema.
Collapsed Introspection and Collection documents into a single
document. Removed {dateRange} queries. Renamed search to list.
Moved discussion of media and entry collection until
later in the document and tied the discussion to the
Introspection element app:member-type.
draft-ietf-atompub-protocol-05 - Added: Contributors section. Added:
de hOra to editors. Fixed: typos. Added diagrams and description to
model section. Incorporates PaceAppDocuments, PaceAppDocuments2,
PaceSimplifyCollections2 (large-sized chunks of it anyhow: the notions
of Entry and Generic resources, the section 4 language on the Protocol
Model, 4.1 through 4.5.2, the notion of a Collection document, as in
Section 5 through 5.3, Section 7 "Collection resources", Selection
resources (modified from pace which talked about search); results in
major mods to Collection Documents, Section 9.2 "Title: Header" and
brokeout para to section 9.1 Editing Generic Resources). Added XML
namespace and language section. Some cleanup of front matter. Added
Language Sensitivity to some attributes. Removed resource descriptions
from terminology. Some juggling of sections. See:
http://www.imc.org/atom-protocol/mail-archive/msg01812.html.
draft-ietf-atompub-protocol-04 -
Add ladder diagrams, reorganize, add SOAP interactions
draft-ietf-atompub-protocol-03 -
Incorporates PaceSliceAndDice3 and PaceIntrospection.
draft-ietf-atompub-protocol-02 -
Incorporates Pace409Response, PacePostLocationMust,
and PaceSimpleResourcePosting.
draft-ietf-atompub-protocol-01 -
Added in sections on Responses for the EditURI.
Allow 2xx for response to EditURI PUTs.
Elided all mentions of WSSE. Started adding in some
normative references. Added the section "Securing the
Atom Protocol". Clarified that it is possible that the PostURI and FeedURI
could be the same URI. Cleaned up descriptions for Response codes
400 and 500.
Rev draft-ietf-atompub-protocol-00 - 5Jul2004 -
Renamed the file and re-titled the document to conform
to IETF submission guidelines. Changed MIME type to match the one
selected for the Atom format. Numerous typographical fixes.
We used to have two 'Introduction' sections. One of them was
moved into the Abstract the other absorbed the Scope section.
IPR and copyright notifications were added.
Rev 09 - 10Dec2003 - Added the section on SOAP enabled clients
and servers.Rev 08 - 01Dec2003 - Refactored the specification, merging the Introspection
file into the feed format. Also dropped the distinction between the
type of URI used to create new entries and the kind used to create comments.
Dropped user preferences.Rev 07 - 06Aug2003 - Removed the use of the RSD file for auto-discovery. Changed copyright
until a final standards body is chosen. Changed query parameters for the search facet
to all begin with atom- to avoid name collisions. Updated all the Entries to follow
the 0.2 version. Changed the format of the search results and template file
to a pure element based syntax.
Rev 06 - 24Jul2003 - Moved to PUT for updating Entries.
Changed all the mime-types to application/x.atom+xml. Added template
editing. Changed 'edit-entry' to 'create-entry' in the Introspection file
to more accurately reflect its purpose.
Rev 05 - 17Jul2003 - Renamed everything Echo into Atom. Added
version numbers in the Revision history.
Changed all the mime-types to application/atom+xml.
Rev 04 - 15Jul2003 - Updated the RSD version used from 0.7 to 1.0. Change the method of deleting
an Entry from POSTing <delete/> to using the HTTP DELETE verb. Also changed the
query interface to GET instead of POST. Moved Introspection Discovery to be up under
Introspection. Introduced the term 'facet' for the services listed in the Introspection file.
Rev 03 - 10Jul2003 - Added a link to the Wiki near the front of the
document. Added a section on finding an Entry. Retrieving an Entry
now broken out into its own section. Changed the HTTP status code for
a successful editing of an Entry to 205.
Rev 02 - 7Jul2003 - Entries are no longer returned from POSTs, instead they are retrieved via GET.
Cleaned up figure titles, as they are rendered poorly in HTML. All content-types
have been changed to application/atom+xml.
Rev 01 - 5Jul2003 - Renamed from EchoAPI.html to follow the more commonly used format:
draft-gregorio-NN.html. Renamed all
references to URL to URI. Broke out introspection into its own section. Added the Revision History section.
Added more to the warning that the example URIs are not normative.